Merge remote-tracking branch 'upstream/master'

.github/dependabot.yml

@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "gomod"
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"

.github/workflows/go.yml

@@ -25,8 +25,8 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@v2
       with:
-        go-version: 1.16
-    
+        go-version: 1.17
+
     - name: Get dependencies
       run: go get -v -t -d ./...
 
@@ -54,4 +54,3 @@ jobs:
       with:
         commit_message: update production style.css
         file_pattern: web/assets/style.css
-

Dockerfile

@@ -2,7 +2,7 @@
 #
 # SPDX-License-Identifier: Unlicense
 
-FROM golang:1.16-alpine
+FROM golang:1.17-alpine
 
 RUN apk add --no-cache \
       build-base \

README.md

@@ -5,12 +5,12 @@ SPDX-License-Identifier: CC0-1.0
 -->
 
 # Go-SSB Room
-[![REUSE status](https://api.reuse.software/badge/github.com/ssb-ngi-pointer/go-ssb-room)](https://api.reuse.software/info/github.com/ssb-ngi-pointer/go-ssb-room)
+[![REUSE status](https://api.reuse.software/badge/github.com/ssbc/go-ssb-room)](https://api.reuse.software/info/github.com/ssbc/go-ssb-room)
 
 This repository implements the [Room (v1+v2) server spec](https://github.com/ssbc/rooms2), in Go.
 
 It includes:
-* secret-handshake+boxstream network transport, sometimes referred to as SHS, using [secretstream](https://github.com/cryptoscope/secretstream)
+* secret-handshake+boxstream network transport, sometimes referred to as SHS, using [secretstream](https://github.com/ssbc/go-secretstream)
 * muxrpc handlers for tunneling connections
 * a fully embedded HTTP server & HTML frontend, for administering the room
 
@@ -45,4 +45,3 @@ For an in-depth codebase walkthrough, see the [development.md](./docs/developmen
 ## License
 
 MIT
-

cmd/insert-user/main.go

@@ -19,10 +19,10 @@ import (
 	_ "github.com/mattn/go-sqlite3"
 	"golang.org/x/crypto/ssh/terminal"
 
-	"github.com/ssb-ngi-pointer/go-ssb-room/v2/internal/repo"
-	"github.com/ssb-ngi-pointer/go-ssb-room/v2/roomdb"
-	"github.com/ssb-ngi-pointer/go-ssb-room/v2/roomdb/sqlite"
-	refs "go.mindeco.de/ssb-refs"
+	refs "github.com/ssbc/go-ssb-refs"
+	"github.com/ssbc/go-ssb-room/v2/internal/repo"
+	"github.com/ssbc/go-ssb-room/v2/roomdb"
+	"github.com/ssbc/go-ssb-room/v2/roomdb/sqlite"
 )
 
 func main() {
@@ -76,7 +76,7 @@ func main() {
 	check(err)
 	defer db.Close()
 
-	fmt.Fprintln(os.Stderr, "Enter Password: ")
+	fmt.Fprintln(os.Stderr, "Choose a password to be able to log into the web frontend: ")
 	bytePassword, err := terminal.ReadPassword(int(syscall.Stdin))
 	check(err)
 
@@ -90,7 +90,7 @@ func main() {
 	}
 
 	ctx := context.Background()
-	mid, err := db.Members.Add(ctx, *pubKey, role)
+	mid, err := db.Members.Add(ctx, pubKey, role)
 	check(err)
 
 	err = db.AuthFallback.SetPassword(ctx, mid, string(bytePassword))

cmd/server/main.go

@@ -26,21 +26,21 @@ import (
 	_ "net/http/pprof"
 
 	_ "github.com/mattn/go-sqlite3"
+	"github.com/ssbc/go-muxrpc/v2/debug"
 	"github.com/throttled/throttled/v2"
 	"github.com/throttled/throttled/v2/store/memstore"
 	"github.com/unrolled/secure"
-	"go.cryptoscope.co/muxrpc/v2/debug"
 	kitlog "go.mindeco.de/log"
 	"go.mindeco.de/log/level"
 
-	"github.com/ssb-ngi-pointer/go-ssb-room/v2/internal/network"
-	"github.com/ssb-ngi-pointer/go-ssb-room/v2/internal/repo"
-	"github.com/ssb-ngi-pointer/go-ssb-room/v2/internal/signinwithssb"
-	"github.com/ssb-ngi-pointer/go-ssb-room/v2/roomdb"
-	"github.com/ssb-ngi-pointer/go-ssb-room/v2/roomdb/sqlite"
-	"github.com/ssb-ngi-pointer/go-ssb-room/v2/roomsrv"
-	mksrv "github.com/ssb-ngi-pointer/go-ssb-room/v2/roomsrv"
-	"github.com/ssb-ngi-pointer/go-ssb-room/v2/web/handlers"
+	"github.com/ssbc/go-ssb-room/v2/internal/network"
+	"github.com/ssbc/go-ssb-room/v2/internal/repo"
+	"github.com/ssbc/go-ssb-room/v2/internal/signinwithssb"
+	"github.com/ssbc/go-ssb-room/v2/roomdb"
+	"github.com/ssbc/go-ssb-room/v2/roomdb/sqlite"
+	"github.com/ssbc/go-ssb-room/v2/roomsrv"
+	mksrv "github.com/ssbc/go-ssb-room/v2/roomsrv"
+	"github.com/ssbc/go-ssb-room/v2/web/handlers"
 )
 
 // Version and Build are set by ldflags
@@ -94,7 +94,7 @@ func initFlags() {
 	u, err := user.Current()
 	checkFatal(err)
 
-	flag.StringVar(&appKey, "shscap", "1KHLiKZvAvjbY1ziZEHMXawbCEIM6qwjCDm3VYRan/s=", "secret-handshake app-key (or capability)")
+	flag.StringVar(&appKey, "shscap", "1KHLiKZvAvjbY1ziZEHMXawbCEIM6qwjCDm3VYRan/s=", "secret-handshake app-key or capability; should likely not be changed as this makes you part of a different network")
 
 	flag.StringVar(&listenAddrShsMux, "lismux", ":8008", "address to listen on for secret-handshake+muxrpc")
 	flag.StringVar(&listenAddrHTTP, "lishttp", ":3000", "address to listen on for HTTP requests")
@@ -379,7 +379,7 @@ func runroomsrv() error {
 	// all init was successfull
 	level.Info(log).Log(
 		"event", "serving",
-		"ID", roomsrv.Whoami().Ref(),
+		"ID", roomsrv.Whoami().String(),
 		"shsmuxaddr", listenAddrShsMux,
 		"httpaddr", listenAddrHTTP,
 		"version", version, "commit", commit,

docs/architecture.md

@@ -9,9 +9,9 @@ SPDX-License-Identifier: CC0-1.0
 ## Invite flow
 
 This implementation of Rooms 2.0 is compliant with the [Rooms 2.0
-specification](https://github.com/ssb-ngi-pointer/rooms2), but we add a few additional features
+specification](https://github.com/ssbc/rooms2), but we add a few additional features
 and pages in order to improve user experience when their SSB app does not support [SSB
-URIs](https://github.com/ssb-ngi-pointer/ssb-uri-spec).
+URIs](https://github.com/ssbc/ssb-uri-spec).
 
 A summary can be seen in the following chart:
 
@@ -25,12 +25,12 @@ in a form.
 ## Sign-in flow
 
 This implementation is compliant with [SSB HTTP
-Authentication](https://github.com/ssb-ngi-pointer/ssb-http-auth-spec), but we add a few
+Authentication](https://github.com/ssbc/ssb-http-auth-spec), but we add a few
 additional features and pages in order to improve user experience. For instance, besides
 conventional SSB HTTP Auth, we also render a QR code to sign-in with a remote SSB app (an SSB
 identity not on the device that has the browser open). We also support sign-in with
 username/password, what we call "fallback authentication".
 
 A summary can be seen in the following chart:
 
-![Chart](./images/login-chart.png)
+![Chart](./images/login-chart.png)

docs/deployment.md

@@ -5,24 +5,25 @@ SPDX-License-Identifier: CC0-1.0
 -->
 
 # Getting Started
+
 There are two paths to starting your own room: creating a build from source, or downloading one
 of the premade releases.
 
 ## Premade builds
 
-See the [releases page](https://github.com/ssb-ngi-pointer/go-ssb-room/releases) for packaged linux releases.
+See the [releases page](https://github.com/ssbc/go-ssb-room/releases) for packaged linux releases.
 
 We currently only distributed pre-packaged releases for Debian-compatible distributions.
-See [Issue #79](https://github.com/ssb-ngi-pointer/go-ssb-room/issues/79) for the details.
+See [Issue #79](https://github.com/ssbc/go-ssb-room/issues/79) for the details.
 If this doesn't work for you, read the "Creating a build" section below.
 
 After running `sudo dpkg -i go-ssb-room_v1.2.3_Linux_x86_64.deb` pay special attention to the
 [postinstall notes](./files/debian-postinstall.sh) for how to configure the systemd file and webserver.
 
 ## Creating a build
 
-* [Download Go](https://golang.org/doc/install) & [set up your Go environment](https://golang.org/doc/install#install). You will need at least Go v1.16.
-* Download the repository `git clone [email protected]:ssb-ngi-pointer/go-ssb-room.git && cd go-ssb-room`
+* [Download Go](https://golang.org/doc/install) & [set up your Go environment](https://golang.org/doc/install#install). You will need at least Go v1.17.
+* Download the repository `git clone [email protected]:ssbc/go-ssb-room.git && cd go-ssb-room`
 * [Follow the development instructions](./development.md)
 * You should now have a working go-ssb-room binary! Read the HTTP Hosting section below and admin
   user sections below, for more instructions on the last mile.
@@ -32,7 +33,7 @@ After running `sudo dpkg -i go-ssb-room_v1.2.3_Linux_x86_64.deb` pay special att
 This project includes a docker-compose.yml file as well as a Docker file. Using
 it should be fairly straight forward.
 
-Start off by making a copy of `.env_example` called `.env` and insert your 
+Start off by making a copy of `.env_example` called `.env` and insert your
 website domain there. With that done execute
 
 ```
@@ -78,7 +79,7 @@ Two bits of rationale:
 
 1. People usually want to have more than one site on their server. Put differently, we could
 have [LetsEncrypt](https://letsencrypt.org/) inside the go-ssb-room server but it would have to
-listen on port :443—blocking the use of other domains on the same IP.  
+listen on port :443—blocking the use of other domains on the same IP.
 2. Listening on :443 can be pretty annoying (you might need root privileges or similar capabilities).
 
 go-ssb-room needs three headers to function properly, which need to be forwarded by the
@@ -111,7 +112,7 @@ is often added automatically by your provider.
 
 When the process is complete with `certbot`, pay attention to where the certificate has been placed
 in the filesystem. If it's at `/etc/letsencrypt/live/hermies.club`, it's correct, otherwise you may
-need to rename it e.g. `hermies.club-0001` to `hermies.club`. 
+need to rename it e.g. `hermies.club-0001` to `hermies.club`.
 
 The example nginx configuration uses prebuilt Diffie-Hellman parameters.  You can generate these
 with the following command:
@@ -162,6 +163,8 @@ If you installed the Debian package, you will first need to install Go to build
 sudo apt-get install golang-go
 ```
 
+(**WARNING**: please check that `golang-go` is >= 1.17 and if not, you may need to use the [official installation documentation](https://go.dev/dl/) instead. `go-ssb-room` requires at least Go 1.17.)
+
 In a new terminal window navigate to the insert-user utility folder and compile the GO-based utility into an executable your computer can use
 
 ```
@@ -184,5 +187,4 @@ Or if you installed go-ssb-room using the Debian package:
 sudo ./insert-user -repo "/var/lib/go-ssb-room" "@Bp5Z5TQKv6E/Y+QZn/3LiDWMPi63EP8MHsXZ4tiIb2w=.ed25519"
 ```
 
-You can now login in the web-front-end using these credentials
-
+It will ask you to create a password to access the web-front-end.  You can now login in the web-front-end using these credentials.

docs/development.md

@@ -6,7 +6,7 @@ SPDX-License-Identifier: CC0-1.0
 
 ## Development notes
 
-To get started, you need a recent version of [Go](https://golang.org). v1.16 and onward should be sufficient.
+To get started, you need a recent version of [Go](https://golang.org). v1.17 and onward should be sufficient.
 
 Also, if you want to develop the CSS and HTML on the website, you need Node.js v14 in order to compile Tailwind.
 
@@ -37,7 +37,7 @@ Usage of ./server:
   -repo string
     	where to put the log and indexes (default "~/.ssb-go-room")
   -shscap string
-    	secret-handshake app-key (or capability) (default "1KHLiKZvAvjbY1ziZEHMXawbCEIM6qwjCDm3VYRan/s=")
+    	secret-handshake app-key or capability; should likely not be changed as this makes you part of a different network (default "1KHLiKZvAvjbY1ziZEHMXawbCEIM6qwjCDm3VYRan/s=")
   -version
     	print version number and build date
 
@@ -69,8 +69,8 @@ go generate ./...
 cd cmd/server && go build && ./server -htts-domain=my.room.example
 ```
 
-
 ## Tooling
+
 ### Mocks
 
 [`counterfeiter`](https://github.com/maxbrunsfeld/counterfeiter) enables generating mocks for defined interfaces. To update the mocks, run `go generate` in package roomdb.
@@ -126,7 +126,7 @@ See the [testing.md](./testing.md) for a thorough walkthorugh of the different t
 
 ## Release packaging
 
-Because of [issue #79](https://github.com/ssb-ngi-pointer/go-ssb-room/issues/79) we can't simply create binaries for all platforms independantly. Therefore binaries for re-distributions need to be created on the relevant distributions themselvs. We currently do this for debian. The process is as follows:
+Because of [issue #79](https://github.com/ssbc/go-ssb-room/issues/79) we can't simply create binaries for all platforms independantly. Therefore binaries for re-distributions need to be created on the relevant distributions themselvs. We currently do this for debian. The process is as follows:
 
 1) Install a recent debian stable version onto a dedicated machine or VM for instance (docker might also be possible).
 2) Install [Go](https://golang.org/doc/install).

docs/files/debian-postinstall.sh

@@ -16,12 +16,12 @@ It will store it's files (roomdb and cookie secrets) under /var/lib/go-ssb-room.
 This is also where you would put custom translations.
 
 For more configuration background see /usr/share/go-ssb-room/README.md
-or visit the code repo at https://github.com/ssb-ngi-pointer/go-ssb-room/tree/master/docs
+or visit the code repo at https://github.com/ssbc/go-ssb-room/tree/master/docs
 
 Like outlined in that document, we highly encourage using nginx with certbot for TLS termination.
 We also supply an example config for this. You can find it under /usr/share/go-ssb-room/nginx-example.conf
 
-> Important 
+> Important
 
 Before you start using room server via the systemd service, you need to at least change the https domain in the systemd service.
 

docs/testing.md

@@ -37,29 +37,33 @@ The frontend tests—tests that check for the presence of various elements on se
 the module [`goquery`](https://github.com/PuerkitoBio/goquery) for querying the returned HTML.
 
 ## Snippets
+
 #### Print the raw html of the corresponding page
+
 ```
-    html, _ := ts.Client.GetHTML(url)
-    fmt.Println(html.Html())
+html, _ := ts.Client.GetHTML(url)
+fmt.Println(html.Html())
 ```
 
 #### Find and print the `title` element of a page
+
 ```
-    html, _ := ts.Client.GetHTML(url)
-    title := html.Find("title")
-    // print the title string
-    fmt.Println(title.Text())
+html, _ := ts.Client.GetHTML(url)
+title := html.Find("title")
+// print the title string
+fmt.Println(title.Text())
 ```
 
 ## Filling the mockdb
+
 `go-ssb-room` uses database mocks for performing tests against the backend database logic. This
 means prefilling a route with the data you expect to be returned when the route is queried.
 This type of testing is an alternative to using an entire pre-filled sqlite database of test
 data.
 
 As such, there is no command you run first to generate your fake database, but
 functions you have to call in a kind of pre-test setup, inside each testing
-block you are authoring. 
+block you are authoring.
 
 > [counterfeiter](https://github.com/maxbrunsfeld/counterfeiter) generates a bunch of methods for each function, so you have
 > XXXXReturns,  XXXCallCount XXXArgsForCall(i) etc
@@ -72,6 +76,7 @@ That is, for a function `GetUID` there is a corresponding mock-filling function
 The following examples show more concretely what mocking the data looks like.
 
 **Having the List() function return a static list of three items:**
+
 ```go
 // go-ssb-room/web/handlers/admin/allow_list_test.go:113
 lst := roomdb.ListEntries{
@@ -80,19 +85,19 @@ lst := roomdb.ListEntries{
 	{ID: 3, PubKey: refs.FeedRef{ID: bytes.Repeat([]byte("acab"), 8), Algo: "true"}},
 }
 ts.MembersDB.ListReturns(lst, nil)
-
 ```
 
 **Checking how often RemoveID was called and with what arguments:**
+
 ```go
 // go-ssb-room/web/handlers/admin/allow_list_test.go:210
  a.Equal(1, ts.MembersDB.RemoveIDCallCount())
  _, theID := ts.MembersDB.RemoveIDArgsForCall(0)
  a.EqualValues(666, theID)
 ```
 
-
 ## Example test
+
 ```go
 package handlers
 
@@ -144,4 +149,3 @@ cd muxrpc/test/nodejs
 npm ci
 go test
 ```
-